Merge pull request #1187 from aptly-dev/dependabot/go_modules/github.… #1991
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
pull_request: | |
push: | |
tags: | |
- 'v*' | |
branches: | |
- 'master' | |
defaults: | |
run: | |
# see: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell | |
shell: bash --noprofile --norc -eo pipefail {0} | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
jobs: | |
test: | |
name: "Test (Ubuntu 22.04)" | |
runs-on: ubuntu-22.04 | |
continue-on-error: false | |
timeout-minutes: 30 | |
env: | |
NO_FTP_ACCESS: yes | |
BOTO_CONFIG: /dev/null | |
GO111MODULE: "on" | |
GOPROXY: "https://proxy.golang.org" | |
steps: | |
- name: "Install packages" | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y --no-install-recommends graphviz gnupg2 gpgv2 git gcc make devscripts python3 python3-requests-unixsocket python3-termcolor python3-swiftclient python3-boto python3-azure-storage python3-etcd3 python3-plyvel flake8 | |
- name: "Checkout repository" | |
uses: actions/checkout@v4 | |
with: | |
# fetch the whole repo for `git describe` to work | |
fetch-depth: 0 | |
- name: "Run flake8" | |
run: | | |
make flake8 | |
- name: "Read go version from go.mod" | |
run: | | |
gover=$(sed -n 's/^go \(.*\)/\1/p' go.mod) | |
echo "Go Version: $gover" | |
echo "GOVER=$gover" >> $GITHUB_OUTPUT | |
id: goversion | |
- name: "Setup Go" | |
uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ steps.goversion.outputs.GOVER }} | |
- name: "Install Azurite" | |
id: azuright | |
uses: potatoqualitee/[email protected] | |
with: | |
directory: ${{ runner.temp }} | |
- name: "Run Unit Tests" | |
env: | |
RUN_LONG_TESTS: 'yes' | |
AZURE_STORAGE_ENDPOINT: "http://127.0.0.1:10000/devstoreaccount1" | |
AZURE_STORAGE_ACCOUNT: "devstoreaccount1" | |
AZURE_STORAGE_ACCESS_KEY: "Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
run: | | |
sudo mkdir -p /srv ; sudo chown runner /srv | |
COVERAGE_DIR=${{ runner.temp }} make test | |
- name: "Run Benchmark" | |
run: | | |
COVERAGE_DIR=${{ runner.temp }} make bench | |
- name: "Run System Tests" | |
env: | |
RUN_LONG_TESTS: 'yes' | |
AZURE_STORAGE_ENDPOINT: "http://127.0.0.1:10000/devstoreaccount1" | |
AZURE_STORAGE_ACCOUNT: "devstoreaccount1" | |
AZURE_STORAGE_ACCESS_KEY: "Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
run: | | |
sudo mkdir -p /srv ; sudo chown runner /srv | |
COVERAGE_DIR=${{ runner.temp }} make system-test | |
- name: "Merge code coverage" | |
run: | | |
go install github.com/wadey/gocovmerge@latest | |
~/go/bin/gocovmerge unit.out ${{ runner.temp }}/*.out > coverage.txt | |
- name: "Upload code coverage" | |
uses: codecov/codecov-action@v2 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: coverage.txt | |
ci-debian-build: | |
name: "Build" | |
needs: test | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
name: ["Debian 13/testing", "Debian 12/bookworm", "Debian 11/bullseye", "Debian 10/buster", "Ubuntu 24.04", "Ubuntu 22.04", "Ubuntu 20.04"] | |
arch: ["amd64", "i386" , "arm64" , "armhf"] | |
include: | |
- name: "Debian 13/testing" | |
suite: trixie | |
image: debian:trixie-slim | |
- name: "Debian 12/bookworm" | |
suite: bookworm | |
image: debian:bookworm-slim | |
- name: "Debian 11/bullseye" | |
suite: bullseye | |
image: debian:bullseye-slim | |
- name: "Debian 10/buster" | |
suite: buster | |
image: debian:buster-slim | |
- name: "Ubuntu 24.04" | |
suite: noble | |
image: ubuntu:24.04 | |
- name: "Ubuntu 22.04" | |
suite: jammy | |
image: ubuntu:22.04 | |
- name: "Ubuntu 20.04" | |
suite: focal | |
image: ubuntu:20.04 | |
container: | |
image: ${{ matrix.image }} | |
env: | |
APT_LISTCHANGES_FRONTEND: none | |
DEBIAN_FRONTEND: noninteractive | |
steps: | |
- name: "Install packages" | |
run: | | |
apt-get update | |
apt-get install -y --no-install-recommends make ca-certificates git curl build-essential devscripts dh-golang jq bash-completion lintian \ | |
binutils-i686-linux-gnu binutils-aarch64-linux-gnu binutils-arm-linux-gnueabihf \ | |
libc6-dev-i386-cross libc6-dev-armhf-cross libc6-dev-arm64-cross \ | |
gcc-i686-linux-gnu gcc-arm-linux-gnueabihf gcc-aarch64-linux-gnu | |
git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
- name: "Checkout repository" | |
uses: actions/checkout@v4 | |
with: | |
# fetch the whole repo for `git describe` to work | |
fetch-depth: 0 | |
- name: "Read go version from go.mod" | |
run: | | |
gover=$(sed -n 's/^go \(.*\)/\1/p' go.mod) | |
echo "Go Version: $gover" | |
echo "GOVER=$gover" >> $GITHUB_OUTPUT | |
id: goversion | |
- name: "Setup Go" | |
uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ steps.goversion.outputs.GOVER }} | |
- name: "Ensure CI build" | |
if: github.ref == 'refs/heads/master' | |
run: | | |
echo "FORCE_CI=true" >> $GITHUB_OUTPUT | |
id: force_ci | |
- name: "Build Debian packages" | |
env: | |
FORCE_CI: ${{ steps.force_ci.outputs.FORCE_CI }} | |
run: | | |
make dpkg DEBARCH=${{ matrix.arch }} | |
- name: "Check aptly credentials" | |
env: | |
APTLY_USER: ${{ secrets.APTLY_USER }} | |
APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }} | |
run: | | |
found=no | |
if [ -n "$APTLY_USER" ] && [ -n "$APTLY_PASSWORD" ]; then | |
found=yes | |
fi | |
echo "Aptly credentials available: $found" | |
echo "FOUND=$found" >> $GITHUB_OUTPUT | |
id: aptlycreds | |
- name: "Publish CI release to aptly" | |
if: github.ref == 'refs/heads/master' && steps.aptlycreds.outputs.FOUND == 'yes' | |
env: | |
APTLY_USER: ${{ secrets.APTLY_USER }} | |
APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }} | |
run: | | |
.github/workflows/scripts/upload-artifacts.sh ci ${{ matrix.suite }} | |
- name: "Publish release to aptly" | |
if: startsWith(github.event.ref, 'refs/tags') && steps.aptlycreds.outputs.FOUND == 'yes' | |
env: | |
APTLY_USER: ${{ secrets.APTLY_USER }} | |
APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }} | |
run: | | |
.github/workflows/scripts/upload-artifacts.sh release ${{ matrix.suite }} | |
ci-binary-build: | |
name: "Build" | |
needs: test | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
goos: [linux, freebsd, darwin] | |
goarch: ["386", "amd64", "arm", "arm64"] | |
exclude: | |
- goos: darwin | |
goarch: 386 | |
- goos: darwin | |
goarch: arm | |
steps: | |
- name: "Checkout repository" | |
uses: actions/checkout@v4 | |
with: | |
# fetch the whole repo for `git describe` to work | |
fetch-depth: 0 | |
- name: "Read go version from go.mod" | |
run: | | |
echo "GOVER=$(sed -n 's/^go \(.*\)/\1/p' go.mod)" >> $GITHUB_OUTPUT | |
id: goversion | |
- name: "Setup Go" | |
uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ steps.goversion.outputs.GOVER }} | |
- name: "Ensure CI build" | |
if: github.ref == 'refs/heads/master' | |
run: | | |
echo "FORCE_CI=true" >> $GITHUB_OUTPUT | |
id: force_ci | |
- name: "Get aptly version" | |
env: | |
FORCE_CI: ${{ steps.force_ci.outputs.FORCE_CI }} | |
run: | | |
aptlyver=$(make -s version) | |
echo "Aptly Version: $aptlyver" | |
echo "VERSION=$aptlyver" >> $GITHUB_OUTPUT | |
id: releaseversion | |
- name: "Build aptly ${{ matrix.goos }}/${{ matrix.goarch }}" | |
env: | |
GOBIN: /usr/local/bin | |
FORCE_CI: ${{ steps.force_ci.outputs.FORCE_CI }} | |
run: | | |
make binaries GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} | |
- name: "Upload Artifacts" | |
uses: actions/upload-artifact@v4 | |
if: startsWith(github.event.ref, 'refs/tags') | |
with: | |
name: aptly_${{ steps.releaseversion.outputs.VERSION }}_${{ matrix.goos }}_${{ matrix.goarch }} | |
path: build/aptly_${{ steps.releaseversion.outputs.VERSION }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip | |
compression-level: 0 # no compression | |
gh-release: | |
name: "Github Release" | |
runs-on: ubuntu-latest | |
continue-on-error: false | |
needs: ci-binary-build | |
if: startsWith(github.event.ref, 'refs/tags') | |
steps: | |
- name: "Download Artifacts" | |
uses: actions/download-artifact@v4 | |
with: | |
path: out/ | |
- name: "Release" | |
uses: softprops/action-gh-release@v2 | |
with: | |
files: "out/**/aptly_*.zip" |